Server-Side Request Forgery (SSRF) in Kibana

#VU20032 Server-Side Request Forgery (SSRF) in Kibana

Published: 2019-08-09

Vulnerability identifier: #VU20032

Vulnerability risk: Low

CVSSv3.1: 3.6 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-7616

CWE-ID: CWE-918

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kibana
Web applications / Other software

Vendor: Elastic Stack

Description

The disclosed vulnerability allows a remote privileged attacker to perform SSRF attacks.

The vulnerability exists due to insufficient validation of user-supplied input within the graphite integration for Timelion visualizer. A remote authenticated administrator can set the timelion:graphite.url configuration option to an arbitrary URL and perform SSRF attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Kibana: 6.8.0 - 6.8.1, 7.2.0

External links
http://www.elastic.co/community/security/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SSRF in Elasticsearch Kibana